[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Another NAT Traversal question
In your previous mail you wrote:
Francis Dupont wrote:
> >From what I recall, the authors had given up on the transport mode and
> one of them had stated on this list that only 'tunnel mode' will be
> pushed for v2.
> => I am afraid that there is no consensus to drop the transport mode,
> so as the NAT traversal is in the charter, there is a problem to
> really solve.
Let's ask it this way: what is the real need for transport mode ESP
to work over NAT?
=> we have no choice : we need transport mode and there are NATs (including
in the charter)...
You can do everything with tunnel mode ESP, including L2TP/IPsec.
=> there are two important differences between tunnel and transport modes:
overhead and selector checking. The first one can be removed with good
compression, including header compression, but the second cannot: tunnel
mode and transport mode over a tunnel will be ever different.
IMHO if we have to give up something, it should be the NAT traversal...